GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

1,209 advisories

Arbitrary file deletion in ureport Critical
CVE-2023-24188 was published for com.bstek.ureport:ureport2-core (Maven) Feb 13, 2023
Path traversal vulnerability in glance Moderate
CVE-2022-25937 was published for glance (npm) Feb 13, 2023
lirantal
StaticHandler disclosure of classpath resources on Windows when mounted on a wildcard route Moderate
CVE-2023-24815 was published for io.vertx:vertx-web (Maven) Feb 10, 2023
adrien-aubert-drovio
mrpack-install vulnerable to path traversal with dependency High
CVE-2023-25307 was published for github.com/nothub/mrpack-install (Go) Feb 8, 2023
Akarys42
Openshift Enterprise source-to-image vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) Moderate
CVE-2018-1103 was published for github.com/openshift/source-to-image (Go) Feb 6, 2023
Unsafe tar unpacking in HashiCorp go-slug High
CVE-2020-29529 was published for github.com/hashicorp/go-slug (Go) Feb 6, 2023
Path Traversal in gin-vue-admin High
CVE-2022-47762 was published for github.com/flipped-aurora/gin-vue-admin (Go) Feb 3, 2023
Warp vulnerable to Path Traversal via Improper validation of Windows paths High
GHSA-8v4j-7jgf-5rg9 was published for warp (Rust) Jan 31, 2023
tdunlap607
Path traversal in ubi-reader Moderate
CVE-2023-0591 was published for ubi-reader (pip) Jan 31, 2023
qkaiser
Servst vulnerable to Path Traversal High
CVE-2022-25936 was published for servst (npm) Jan 30, 2023
JSZip contains Path Traversal via loadAsync Moderate
CVE-2022-48285 was published for jszip (npm) Jan 29, 2023
Path Traversal In Eclipse GlassFish Moderate
CVE-2022-2712 was published for org.glassfish.main.web:web (Maven) Jan 27, 2023
Fix for arbitrary file deletion in customer media allows for remote code execution High
CVE-2021-41143 was published for openmage/magento-lts (Composer) Jan 27, 2023
OpenStack Cinder, glance, and Nova vulnerable to Path Traversal Moderate
CVE-2022-47951 was published for cinder (pip) Jan 27, 2023
Directory Traversal vulnerability in serve-lite High
CVE-2022-21192 was published for serve-lite (npm) Jan 26, 2023
lirantal
Directory Traversal in onnx High
CVE-2022-25882 was published for onnx (pip) Jan 26, 2023
Path traversal in binwalk High
CVE-2022-4510 was published for binwalk (pip) Jan 26, 2023
qkaiser
Path traversal vulnerability in Jenkins PWauth Security Realm Plugin Moderate
CVE-2023-24449 was published for org.jvnet.hudson.plugins:pwauth (Maven) Jan 26, 2023
Path Traversal in Jenkins visualexpert Plugin Moderate
CVE-2023-24455 was published for io.jenkins.plugins:visualexpert (Maven) Jan 26, 2023
MITM based Zip Slip in `ca.uhn.hapi.fhir:org.hl7.fhir.core` Critical
CVE-2023-24057 was published for ca.uhn.hapi.fhir:org.hl7.fhir.convertors (Maven) Jan 23, 2023
JLLeitschuh
Path traversal in spotipy Moderate
CVE-2023-23608 was published for spotipy (pip) Jan 23, 2023
Shaderbug
Path Traversal in github.com/go-sonic/sonic Moderate
CVE-2022-46959 was published for github.com/go-sonic/sonic (Go) Jan 23, 2023
Kraken has arbitrary file read vulnerability via component testfs High
CVE-2022-47747 was published for github.com/uber/kraken (Go) Jan 20, 2023
act vulnerable to arbitrary file upload in artifact server High
CVE-2023-22726 was published for github.com/nektos/act (Go) Jan 20, 2023
Velociraptor subject to Path Traversal Moderate
CVE-2023-0290 was published for www.velocidex.com/golang/velociraptor (Go) Jan 19, 2023
tdunlap607